Filters








130,254 Hits in 6.5 sec

On the Security of Delegation in Access Control Systems [chapter]

Qihua Wang, Ninghui Li, Hong Chen
2008 Lecture Notes in Computer Science  
Simply incorporating a delegation module into those systems may cause security breaches. This paper focuses on the security aspect of delegation in access control systems.  ...  However, most existing literature focuses on modeling and managing delegations. Little work has been done on understanding the impact of delegation on the security of existing access control systems.  ...  We have formally defined the notion of security with respect to delegation. A system that is secure regarding delegation is resistent to collusion.  ... 
doi:10.1007/978-3-540-88313-5_21 fatcat:hlbe6oeeobb6bfkf47fgcozeui

Model-driven adaptive delegation

Phu Hong Nguyen, Gregory Nain, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon
2013 Proceedings of the 12th annual international conference on Aspect-oriented software development - AOSD '13  
Among the variety of models that have been studied in a MDE perspective, one can mention access control models that specify the access rights.  ...  This paper analyses the main hard-points for introducing various delegation semantics in model-driven security and proposes a model-driven framework for 1) specifying access control, delegation and the  ...  On one hand, access control policies are defined by security experts, using a DSML, which describes the concepts of access control, as well as their relationships.  ... 
doi:10.1145/2451436.2451445 dblp:conf/aosd/NguyenNKMT13 fatcat:pxpjg7ho7vd2biecoqjqv3p67y

Modularity and Dynamic Adaptation of Flexibly Secure Systems: Model-Driven Adaptive Delegation in Access Control Management [chapter]

Phu H. Nguyen, Gregory Nain, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon
2014 Lecture Notes in Computer Science  
Among the variety of models that have been studied in a Model-Driven Security perspective, one can mention access control models that specify the access rights.  ...  This paper gives a formalization of access control and delegation mechanisms, and analyses the main hard-points for introducing various advanced delegation semantics in Model-Driven Security.  ...  We would like to thank the anonymous referees for their comments and suggestions. This work is supported by the Fonds National de la Recherche (FNR), Luxembourg, under the MITER project C10/IS/783852.  ... 
doi:10.1007/978-3-642-55099-7_4 fatcat:zbt4spp4mvdoxgjeivhoczbhoq

Trust-based security in pervasive computing environments

L. Kagal, T. Finin, A. Joshi
2001 Computer  
Acknowledgments This research was supported in part by the IBM EECOMS program and by the DARPA DAML program under contract F30602-97-1-0215, NSF CCR0070802, 1159875433.  ...  John is an employee of one of the office's partners, but the security agent in the office doesn't understand his role in the organization, so it denies him access to the Smart Room services.  ...  SmartSpaces are instances of pervasive systems in which the domain is divided into a hierarchy of spaces with a controller managing the services in each space.  ... 
doi:10.1109/2.970591 fatcat:mbjvstfakrh4redptfa43o6rhy

A Healthcare Information System with Augmented Access Controls [chapter]

Nagajyothi Gunti, Weiqing Sun, Mingzhe Xu, Zidong Liu, Mohammed Niamat, Mansoor Alam
2012 Lecture Notes in Computer Science  
It integrates heterogeneous information within the Healthcare Information Systems (HIS) stressing the need for augmented security, availability and access controls.  ...  This system is targeted at enhancing the usability of contemporary HISs without degrading the system security.  ...  It provides the basic role-based access control, which protects data in the Fig. 1 . Augmented Access Controls in Our System system from inappropriate accesses.  ... 
doi:10.1007/978-3-642-29253-8_80 fatcat:irzzfhekwbdedca4qzeakbpqwa

Criteria Specifications for the Comparison and Evaluation of Access Control Models

Shabnam Mohammad Hasani, Nasser Modiri
2013 International Journal of Computer Network and Information Security  
Because of considerable dependence on computer-based systems, the security of the information saved in these systems is of great concern, and therefore, the complexity of data protection and availability  ...  She is presently working on information security,access control and ISMS.  ...  [9, 18] Moreover, root-bottleneck may happen in case of delegation. Moreover, the application of the concept of delegation in an access control system, some other concepts may become complicated.  ... 
doi:10.5815/ijcnis.2013.05.03 fatcat:dbjk2x73qnbcditefywucyzuxa

A Blockchain-Based IoT Cross-Domain Delegation Access Control Method

Chao Li, Fan Li, Lihua Yin, Tianjie Luo, Bin Wang, Yinghui Zhang
2021 Security and Communication Networks  
Although cross-domain access control mechanisms exist in IoT, the majority of them are based on a trusted third party.  ...  The delegation-trajectory-on-blockchain strategy proposed enhances the scalability of the cross-domain delegation system.  ...  delegation access control system.  ... 
doi:10.1155/2021/3091104 fatcat:pa7dihfpbndlxo2zdfeitloo7i

A role-based delegation framework for healthcare information systems

Longhua Zhang, Gail-Joon Ahn, Bei-Tseng Chu
2002 Proceedings of the seventh ACM symposium on Access control models and technologies - SACMAT '02  
The proposed delegation framework addresses the issue of how to advocate selective information sharing in rolebased systems while minimizing the risks of unauthorized access.  ...  As organizations implement information strategies that call for sharing access to resources in the networked environment, mechanisms must be provided to protect the resources from adversaries.  ...  Objects of access control in the system are views.  ... 
doi:10.1145/507711.507731 dblp:conf/sacmat/ZhangAC02 fatcat:5ixl73zajnawbabiqpzlmhteum

A role-based delegation framework for healthcare information systems

Longhua Zhang, Gail-Joon Ahn, Bei-Tseng Chu
2002 Proceedings of the seventh ACM symposium on Access control models and technologies - SACMAT '02  
The proposed delegation framework addresses the issue of how to advocate selective information sharing in rolebased systems while minimizing the risks of unauthorized access.  ...  As organizations implement information strategies that call for sharing access to resources in the networked environment, mechanisms must be provided to protect the resources from adversaries.  ...  Objects of access control in the system are views.  ... 
doi:10.1145/507729.507731 fatcat:bpdy34vmvjdznjouru4cibupb4

Survey on delegated and self-contained authorization techniques in CPS and IoT

Sreelakshmi Vattaparambil Sudarsan, Olov Schelen, Ulf Bodin
2021 IEEE Access  
We focus on the state of the art on authorization sub-granting, including delegation techniques by access control/authorization server and self-contained authorization using a new concept of Power of Attorney  ...  Due to the heterogeneous nature of Cyber-Physical Systems and the Internet of Things, several authorization techniques using different access control models, accounts, groups, tokens, and delegations have  ...  tasks on behalf of others.Access control models are one of the major key security systems related to authorization.  ... 
doi:10.1109/access.2021.3093327 fatcat:amkmt5e2hbdthhjzzi5bycjlia

Delegation Protocols in Human-Centric Workflows

K. Gaaloul, H. A. Proper, F. Charoy
2011 2011 IEEE 13th Conference on Commerce and Enterprise Computing  
In this paper, we propose a modelling approach to secure delegation. In doing so, we define delegation protocols supporting specific constraints based on both workflow and access control systems.  ...  The novelty consists in the proactivity aspect of our framework to cope with dynamic delegation of authority in authorisation policies.  ...  While much of the work is limited to role-based access control, the goal of our paper is to consider task delegation constraints in workflow systems.  ... 
doi:10.1109/cec.2011.38 dblp:conf/wecwis/GaaloulPC11 fatcat:yvuml2rrr5glpg7j7n7dzklqxy

Security architecture for component-based operating systems

Trent Jaeger, Jochen Liedtke, Vsevolod Panteleenko, Yoonho Park, Nayeem Islam
1998 Proceedings of the 8th ACM SIGOPS European workshop on Support for composing distributed applications - EW 8  
The security requirements of the components are expressed in the access control model.  ...  Owning an object only implies that the object is in the owner's hierarchy, but does not imply control over access. The system security policy still restricts access and delegation.  ... 
doi:10.1145/319195.319229 dblp:conf/sigopsE/JaegerLPPI98 fatcat:niuhkexppzbfnhubperedtugzq

Smart keys for cyber-cars

Christoph Busold, Ahmed Taha, Christian Wachsmann, Alexandra Dmitrienko, Hervé Seudié, Majid Sobhani, Ahmad-Reza Sadeghi
2013 Proceedings of the third ACM conference on Data and application security and privacy - CODASPY '13  
An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers).  ...  Our generic security architecture protects the electronic access tokens on the smartphone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights  ...  Delegable Access Control With Smartphones. Our work is along the lines of the SmartToken system by Dmitrienko et al.  ... 
doi:10.1145/2435349.2435382 dblp:conf/codaspy/BusoldTWDSSS13 fatcat:voqekmljrbc5hg53pkmdvfrycq

A Security Infrastructure for Trust Management in Multi-agent Systems [chapter]

Agostino Poggi, Michele Tomaiuolo, Giosuè Vitaglione
2005 Lecture Notes in Computer Science  
This paper presents a security model founded on delegation certificates, which allows the management of security policies on the base of trust relations among autonomous software agents, collaborating  ...  Multi-agent systems are based on the interaction of autonomous software components, the agents, which cooperate to achieve common goals.  ...  Staging these behaviors in a system based on access control lists is not simple.  ... 
doi:10.1007/11532095_10 fatcat:a62srrq4gnghpcyjzvntmmbu2y

Towards Proactive Policies Supporting Event-Based Task Delegation

Khaled Gaaloul, Philip Miseldine, François Charoy
2009 2009 Third International Conference on Emerging Security Information, Systems and Technologies  
Task delegation is a mechanism that supports organisational flexibility in the human-centric workflow systems, and ensures delegation of authority in access control systems.  ...  The novelty consists of reasoning on authorisation dependently on task delegation events, and specifies them in terms of delegation policies.  ...  We define task delegation to support organisational flexibility in the human-centric workflow systems, and to ensure delegation of authority in access control systems.  ... 
doi:10.1109/securware.2009.23 dblp:conf/securware/GaaloulMC09 fatcat:6oun45ply5cwdhpn6qa3thxezq
« Previous Showing results 1 — 15 out of 130,254 results